Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ohuh8jJOiwtk6Ry-vAHx_qgX9j8.roa
File: Ohuh8jJOiwtk6Ry-vAHx_qgX9j8.roa (raw, json)
Hash identifier: 0TYb+0YjJWjQHSFETYpDDNgcuxelEZErEiaAXpJMVeg=
Subject key identifier: 3A:1B:A1:F2:32:4E:8B:0B:64:E9:1C:BE:BC:01:F1:FE:A8:17:F6:3F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 23DE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ohuh8jJOiwtk6Ry-vAHx_qgX9j8.roa
Signing time: Tue 24 Jun 2025 09:11:59 +0000
ROA not before: Tue 24 Jun 2025 09:11:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9182 (0x23de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 09:11:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3A1BA1F2324E8B0B64E91CBEBC01F1FEA817F63F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:23:68:6f:bc:7d:ef:d5:33:88:7f:81:8a:11:
c4:02:c0:b6:c1:b1:70:66:f7:cf:8b:42:0f:28:f8:
ea:21:76:3e:9f:92:7f:8e:e7:5c:44:5a:4c:5a:98:
bc:46:70:cd:80:d3:ba:5b:e3:b4:ee:f7:4f:8e:1f:
b5:63:50:57:2f:9b:07:31:02:db:7d:9a:6c:6f:25:
37:5a:17:bf:0d:fa:99:78:e5:01:08:38:5e:22:f2:
c2:39:e5:2c:4c:e5:5c:d0:c0:e0:17:5c:04:2b:3b:
d8:dc:29:79:b6:cd:ee:28:17:59:03:93:47:24:b4:
f0:22:f7:2d:ac:6f:fc:4a:7c:4c:f3:57:3f:1d:c5:
82:e3:a9:9e:3c:78:78:7e:18:b6:e6:31:c5:6e:02:
6a:c3:60:44:a3:36:e1:0d:0e:29:ac:15:05:f1:4a:
cf:fd:79:cf:ab:8f:5c:25:2f:0e:5e:4b:93:c6:5f:
75:c8:09:80:c4:4a:e2:d8:e8:51:91:3a:08:85:f7:
a9:32:97:ba:ff:80:3b:6a:dd:68:9e:a5:58:02:2d:
35:fd:3e:11:56:53:c9:da:f7:a7:87:96:b8:5a:4b:
1d:f3:45:37:6d:5c:02:47:a5:b0:12:16:76:69:e1:
ed:86:f4:42:13:66:7b:8a:c4:1d:fa:63:38:93:89:
f9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1B:A1:F2:32:4E:8B:0B:64:E9:1C:BE:BC:01:F1:FE:A8:17:F6:3F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ohuh8jJOiwtk6Ry-vAHx_qgX9j8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:5c:ae:d9:21:09:66:ef:60:fe:d0:6b:74:a4:f6:56:41:5c:
67:ae:79:46:6c:2a:26:0f:51:cc:d6:3b:43:20:07:e6:cb:bf:
bb:e0:81:39:fa:48:35:b4:8a:2d:a5:0b:0b:20:0f:c1:14:4a:
a2:08:c8:9a:62:c9:65:6f:b9:ad:a9:a4:53:2d:39:af:a6:98:
da:51:c2:51:cf:2f:b1:3d:4e:ac:85:52:d2:0d:46:99:a7:47:
44:8b:bf:76:cd:5b:6b:eb:cd:99:14:32:a2:e8:e9:5c:b4:a9:
ff:38:a7:14:43:d1:56:aa:5d:b6:4a:8e:d4:68:88:ab:cd:0e:
82:86:1c:06:76:d4:14:35:ab:d0:d1:27:8c:be:a6:e9:2c:f5:
d0:f4:c4:c4:8b:5a:45:ed:1e:5b:5b:1e:cc:f1:65:63:b6:34:
ae:99:aa:7c:b3:11:98:87:05:8e:55:b8:27:d5:33:e2:cb:f5:
9e:dd:d0:da:a9:37:05:9a:b7:17:64:46:3d:f4:8f:66:b4:ce:
22:c3:19:dc:3b:6d:cf:93:ea:9e:9c:98:b6:c9:b4:dd:2b:52:
5a:7f:b8:dc:ec:17:5a:62:a4:eb:57:a5:44:5b:fb:39:c4:f3:
3d:71:9e:a5:28:74:76:a2:ed:13:2a:29:4d:9a:7f:ae:52:60:
54:c4:da:ac
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQw
OTExNTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNBMUJBMUYyMzI0RThC
MEI2NEU5MUNCRUJDMDFGMUZFQTgxN0Y2M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWI2hvvH3v1TOIf4GKEcQCwLbBsXBm98+LQg8o+Oohdj6fkn+O
51xEWkxamLxGcM2A07pb47Tu90+OH7VjUFcvmwcxAtt9mmxvJTdaF78N+pl45QEI
OF4i8sI55SxM5VzQwOAXXAQrO9jcKXm2ze4oF1kDk0cktPAi9y2sb/xKfEzzVz8d
xYLjqZ48eHh+GLbmMcVuAmrDYESjNuENDimsFQXxSs/9ec+rj1wlLw5eS5PGX3XI
CYDESuLY6FGROgiF96kyl7r/gDtq3WiepVgCLTX9PhFWU8na96eHlrhaSx3zRTdt
XAJHpbASFnZp4e2G9EITZnuKxB36YziTifmbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOhuh8jJOiwtk6Ry+vAHx/qgX9j8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PaHVoOGpKT2l3dGs2Unkt
dkFIeF9xZ1g5ajgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKBcrtkhCWbvYP7Qa3Sk9lZBXGeueUZsKiYP
UczWO0MgB+bLv7vggTn6SDW0ii2lCwsgD8EUSqIIyJpiyWVvua2ppFMtOa+mmNpR
wlHPL7E9TqyFUtINRpmnR0SLv3bNW2vrzZkUMqLo6Vy0qf84pxRD0VaqXbZKjtRo
iKvNDoKGHAZ21BQ1q9DRJ4y+puks9dD0xMSLWkXtHltbHszxZWO2NK6ZqnyzEZiH
BY5VuCfVM+LL9Z7d0NqpNwWatxdkRj30j2a0ziLDGdw7bc+T6p6cmLbJtN0rUlp/
uNzsF1pipOtXpURb+znE8z1xnqUodHai7RMqKU2af65SYFTE2qw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:17:20 2025 by rpki-client